Ebx_add\-Ons - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Ebx_add\-Ons
(Tibco)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	9

Date	Id	Summary	Products	Score	Patch	Annotated
2021-01-12	CVE-2020-27148	The TIBCO EBX Add-on for Oracle Hyperion EPM, TIBCO EBX Data Exchange Add-on, and TIBCO EBX Insight Add-on components of TIBCO Software Inc.'s TIBCO EBX Add-ons contain a vulnerability that theoretically allows a low privileged attacker with network access to execute an XML External Entity (XXE) attack. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.4.2 and below.	Ebx_add\-Ons	7.1
2023-07-19	CVE-2023-26217	The Data Exchange Add-on component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged user with import permissions and network access to the EBX server to execute arbitrary SQL statements on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.17 and below, versions 5.6.2 and below, version 6.1.0.	Ebx_add\-Ons	8.8
2023-05-25	CVE-2023-26216	The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an exploitable vulnerability that allows an attacker to upload files to a directory accessible by the web server. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.16 and below.	Ebx_add\-Ons	7.2
2023-05-25	CVE-2023-26215	The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that allows an attacker with low-privileged application access to read system files that are accessible to the web server. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.16 and below.	Ebx_add\-Ons	6.5
2023-02-22	CVE-2022-41566	The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute stored XSS on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 5.6.0 and below.	Ebx_add\-Ons	5.4
2022-09-21	CVE-2022-30578	The Web Server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 5.4.1 and below.	Ebx_add\-Ons	9.0
2022-01-19	CVE-2022-22769	The Web server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, TIBCO EBX Add-ons, TIBCO EBX Add-ons, TIBCO EBX Add-ons, and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected...	Ebx, Ebx_add\-Ons, Product_and_service_catalog_powered_by_tibco_ebx	9.0
2019-11-12	CVE-2019-17332	The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, versions 4.1.0, 4.2.0, 4.2.1, and 4.2.2.	Ebx_add\-Ons	N/A
2019-11-12	CVE-2019-17331	The Data Exchange Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, version 4.1.0.	Ebx_add\-Ons	N/A